Microsoft warned today that attackers are exploiting a previously unknown security hole in Microsoft Word that can be used to foist malicious code if users open a specially crafted text file, or merely preview the message in Microsoft Outlook.
Microsoft warned today that attackers are targeting a previously unknown security vulnerability in some versions of Microsoft Office and Windows. The company also has shipped an interim “Fix-It” tool to blunt attacks on the flaw until it has time to develop and release a more comprehensive patch.
Microsoft today deviated from its usual monthly patch cycle in issuing an emergency security update to fix a critical security hole in its Internet Explorer Web browser that attackers have been exploiting to break into Windows PCs.
Microsoft has released an emergency update for Internet Explorer that fixes at least five vulnerabilities in the default Web browser on Windows, including a zero-day flaw that miscreants have been using to break into vulnerable systems.
The patch, MS12-063, is available through Windows Update or via Automatic Update. If you installed the stopgap “fix it” tool that Microsoft released earlier this week to blunt the threat from the zero-day bug, you need not reverse or remove that fix it before applying this update. The vulnerability resides in IE 7, 8, and 9, on nearly all supported versions of Windows, apart from certain installations of Windows Server 2008 and Windows Server 2012.